Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Outgoing mail delivery stops working on an Exchange Server 2007 Hub Transport server after you install Forefront Security for Exchange

Outgoing mail delivery stops working on an Exchange Server 2007 Hub Transport server after you install Forefront Security for Exchange

View products that this article applies to.

Symptoms

After you install and configure Microsoft Forefront Security for Exchange on a Microsoft Exchange Server 2007-based computer that is running the Hub Transport role, you experience the following symptoms:
  • Exchange 2007 accepts and delivers incoming e-mail messages as expected. However, Exchange 2007 no longer sends outgoing e-mail messages. Outgoing messages remain in the submission queue.
  • The following information is logged in the Forefront Security for Exchange ProgramLog.txt file:
    "ERROR: Unable to retrieve internet monitor interface."
"ERROR: SybLicense: Failed to create MSXML instance: -2147221008"
"ERROR: LICENSING: Invalid initialization parameters!"
"ERROR: CoCreateInstance failed in GetLists (0x800401F0)"
    Note The ProgramLog.txt file is located in the Forefront Security for Exchange installation folder.
If you disable Forefront Security for Exchange, Exchange 2007 sends outgoing e-mail messages successfully.

↑ Back to the top

Cause

This problem may occur if one of the following conditions is true:
  • The SELF account does not have the correct DCOM permissions assigned.
  • The Microsoft Exchange Transport service is configured to log on by using the Local System account instead of by using the Network Service account.

↑ Back to the top

Resolution

To resolve this problem, follow these steps:

Step 1: Assign the appropriate DCOM permissions to the SELF account

  1. On the Exchange 2007-based server that is running the Hub Transport role, click Start, click Run, type dcomcnfg, and then click OK.
  2. Expand and then click Component Services.
  3. Under Component Services, expand Computers, right-click My Computer, and then click Properties.
  4. Click the COM Security tab, and then click Edit Default under Access Permissions.
  5. If SELF does not appear in the Group or user names list, click Add, type SELF, click Check Names, and then click OK.
  6. Click SELF, and then click to select the following check boxes in the Allow column:
    • Local Access
    • Remote Access
  7. Click OK two times. Then restart the Exchange-related services and the Forefront Security for Exchange-related services.

Step 2: Configure the log on account for the Microsoft Exchange Transport service

  1. On the Exchange 2007-based server that is running the Hub Transport role, click Start, click Run, type services.msc, and then click OK.
  2. In the list of services, right-click Microsoft Exchange Transport, and then click Properties.
  3. Click the Log On tab, and then click This account.
  4. Click Browse, type Network Service, click Check Names, and then click OK.

    Note Microsoft Windows automatically generates a password for the Network Service account. Therefore, you do not have to specify a password for this account.
  5. Click OK. Then restart the Exchange 2007-related services and the Forefront Security for Exchange-related services.

↑ Back to the top

Keywords: KB934286, kbprb, kbtshoot

↑ Back to the top

Article Info
Article ID : 934286
Revision : 1
Created on : 4/3/2007
Published on : 4/3/2007
Exists online : False
Views : 406